<?php

/* this is ugly it's just a poc ! Do not use this on production (sql injection...)*/
$db = new Database();
$auth = Auth::getAuth('current_user');

$userID = $auth['userID'];
$dateTime = date('Y-m-d h:i:s');

/*
mysql_connect("localhost","root","");
mysql_select_db("gs3_cms");

	switch($_REQUEST['action']){
		case 'validate':
			$port = $_POST['portnumber'];
			$cabinet = $_POST['cabinet'];
			$workstationType = $_POST['workstationType'];
			$description = $_POST['description'];
			$IPAddress = $_POST['IPAddress'];
			$mac = $_POST['mac'];
			$directoryName = $_POST['directoryName'];
			$StationType = $_POST['StationType'];
			$EAPBX = $_POST['EAPBX'];
			$COS = $_POST['COS'];
			$vLan = $_POST['vLan'];
			$localNumber = $_POST['localNumber'];
			$statusBlink = $_POST['statusBlink'];
			if($port=="" || $cabinet=="" || $workstationType=="" || $description=="" || $IPAddress=="" ||$mac=="" || $directoryName=="" || $EAPBX=="" || $vLan=="" || $localNumber==""){
				echo 0;
			}else{
				echo 1;
			}
		break;
		case 'list':
			$id = $_REQUEST['fileID'];
			$tags = array();
			$query = mysql_query("SELECT * FROM tag WHERE fileID='$id'");
			while($row = mysql_fetch_array($query)){
				$tags[] = array("id"=>$row['id'],
						"width"=>$row['width'],
						"height"=>$row['height'],
						"top"=>$row['top'],
						"left"=>$row['left'],
						"portNumber"=>$row['portNumber']);
			}
			echo json_encode($tags);
		break;
	
		case 'delete':
			mysql_query("delete from tag where id = ".$_REQUEST['id']);
		break;
		
		case 'save':
			mysql_query("insert into tag (`width`,`height`,`top`,`left`,`fileID`,
				    `portNumber`,`cabinet`,`userID`,`workstation`,`description`,`ipAddress`,
				    `mac`,`directoryName`,`stationType`,`eaPBX`,`classService`,
				    `vLan`,`localNumber`,`statusBlink`,`imageID`,`dateCreated`) values (
				".$_REQUEST['width'].",
				".$_REQUEST['height'].",
				".$_REQUEST['top_pos'].",
				".$_REQUEST['left'].",
				'".$_REQUEST['FileID']."',
				'".$_REQUEST['port']."',
				'".$_REQUEST['cabinet']."',
				'".$userID."',
				'".$_REQUEST['workstationType']."',
				'".$_REQUEST['description']."',
				'".$_REQUEST['IPAddress']."',
				'".$_REQUEST['mac']."',
				'".$_REQUEST['directoryName']."',
				'".$_REQUEST['StationType']."',
				'".$_REQUEST['EAPBX']."',
				'".$_REQUEST['COS']."',
				'".$_REQUEST['vLan']."',
				'".$_REQUEST['localNumber']."',
				'".$_REQUEST['statusBlink']."',
				'".$_REQUEST['FileID']."',
				'".$dateTime."'
			)") or die(mysql_error());
			
			echo mysql_insert_id();
		break;
	
	}
*/
?>
